War stories - Network changes tools

Every time I manage a change to a customer network I have a chance to taste the many shades of possible IT Operations maturity levels. I collected some best practices over the years about how to reduce risk and speed-up the change and testing process. I’ll share some in this post. Improvements and suggestions are welcome in the comments of the post or on my Twitter account.


We live in a time of intent, automation, orchestration and a lot of wonderful tools that promise to make the life of network engineers easier. Sometimes reality is simpler and maybe less fascinating, real problems need to be solved quickly with small budget. The specific case I discuss here is a medium network, around a hundred devices. The problem is to create an inventory of all the devices, backup configurations and verify all the boxes have the correct syslog, ntp and timezone configuration.

SecureCRT and Python

SecureCRT is one of my favourite tools, today I had a chance to use it in a way I didn’t expected. A customer called with a problem: he has a radio bridge that sometimes loses connection with the remote unit. The workaround is to reload the base unit. The process is manual, he monitors the radio bridge status and reload when required. Since the radio bridge is not business critical he doesn’t have budget to replace tha radio bridge or troubleshoot the problem, the request was to automate the check/reload process.

Log analysis GUI tools

Log analysis is important to both troubleshoot and understand network devices behaviour. Tail/less/grep are great tools that can help to filter and search hundreds or thousands lines of logs. If you prefer a GUI there are a couple of alternatives that can fit well. For windows users only Log Expert is a great choice with many features but it is not developed since 2012. [Log Expert]( is a Windows tail program (a GUI replacement for the Unix tail command).


tcping.exe is a small console application that operates similarly to ‘ping’, however it works over a tcp port. License: GPL - Platforms: Win XP, Vista 7 When I have to test if a TCP connection works, like when configuring a NAT or ACL rule, usually I telnet the specific port. TCPing allows to keep the ping active on the port to check when the rule works:

Batch Compiler

Tool of the day: Batch Compiler is a small and very easy top use application designed to help you script batch programs and compile them in to exe file with integrated help utility and a user friendly interface.

glogg - the fast, smart log explore

Glogg is a tool to browse and search through text files. I find it very useful to search in log files, it’s light and fast. It can also “follow” a file, so there’s no need to reopen the file or refresh if something changes. You can download glogg for Linux or Windows HERE

NtRadPing - a free Radius test utility

Quite often when a network configuration includes authentication or 802.1x on network devices Radius is the protocol of choice. NtRadPing is a free utility to test a Radius server. The usage is simple: insert the IP address of the radius server, the secret, user name and password of the user to test. Remember to add the IP of the PC as NAS on the Radius server to allow request to be processed and answered.